Maintaining a secure computing device in a test taking environment

ABSTRACT

The presently disclosed invention provides for the security of a computing device in the context of a test taking environment. By securing a computing device, an individual (or group of individuals) may more effectively proctor a large examination without worrying about a test taker illicitly accessing information on their computer or via a remote source of data. Securing a computing device includes locking out or preventing access to any application not deemed necessary or appropriate by the test administrator.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention generally relates to online testing. Morespecifically, the present invention concerns maintaining the security ofa computing device in an online test taking environment.

2. Description of the Related Art

Tests are used to determine the ability of a test taker (e.g., a studentor prospective practitioner) as it pertains to proficiency in aparticular subject or skill set. For example, a student might take atest to determine whether the student possesses the requisite knowledgein a particular subject that might be related to receiving a degree orcertificate. A prospective practitioner in law or medicine mightsimilarly sit for examination to determine their competence as itpertains practicing in that profession.

Every student has at some point taken a test whereby a class ofapproximately 30 students assembles in a classroom prior to the postedtest time. Testing materials are then handed out and the test begins.During the allotted test time—usually an hour to 90 minutes—studentsread questions and provide answers on a provided answer sheet or in a‘blue book.’ As students take the test, the teacher or a proctor keepscareful watch over the test takers to ensure that no instances ofcheating are taking place.

While a single proctor proves useful for a small class of students, suchobservation becomes more difficult for a larger class size. This mightbe true in a college environment, for example, where a particular degreeor discipline has certain ‘core’ classes taken by all students seeking aparticular degree or studying within a particular college. It is notunusual for a first year mathematics or chemistry course to have upwardsof 150 students sitting for a single examination. In orderly toeffectively prevent instances of cheating, several proctors must beutilized to keep watch over the student test takers.

This problem has become even more pronounced as an increased number ofstudents take examinations on a laptop computer. A proctor once onlyneeded to keep a watch for a test taker slipping out an obvious ‘cheatsheet’ or looking over the shoulder of a neighboring test taker. Testtakers can now store notes or other information related to anexamination in a file accessible on their desktop. Test takers caneasily and quietly access that illicit information during theexamination. The test taker can quickly close out the file as a proctormoves about the room or even delete the file in its entirety thuseliminating any proof that cheating ever took place. Built in wirelesscards and pervasive wireless networks also allow test takers with easyaccess to the Internet or other remote sources of information.

As the number of test takers increases, so does the need for additionalproctors. Tests such as college entrance examinations may be offered ona nationwide network with multiple testing sites all offering theexamination on a single date. An example of a ‘nationwide’ examinationis the SAT Reasoning Test. In 2006, the SAT Reasoning Test was, over thecourse of the year, taken by almost 1.5 million prospective collegestudents. Another example of a large scale examination is the MultistateBar Examination (MBE). In 2007, the MBE was taken by almost 75,000prospective attorneys in 53 different jurisdictions.

The ‘high stakes’ nature of the examination (i.e., potential collegeadmission or the ability to practice law) creates a greater motivationfor cheating. Due to the increased risk of cheating and the large numberof students at each testing site, multiple proctors must be utilized ateach site. If the test happens to be a time intensive examination—as isthe case with both the SAT Reasoning Test and the MBE, which are bothapproximately 3 hours in length—then even more proctors are needed to‘relieve’ one another for respites. The concerns raised by the use oflaptop computers and the remote or illicit access to information onlyscales as does the number of test takers.

Even without the complications proffered by a laptop computer,proctoring an examination, too, is a significant logistical task in thecase of a large examination. Offering an examination and proctoring thesame first requires locating eligible proctors (i.e., trustworthyindividuals without a personal stake in the outcome of any given testtaker) and determining their availability (i.e., can they be availableto proctor the examination on a given date and time). Once eligibleproctors are determined to be available, those proctors must then betrained or oriented with respect to the particulars of the examinationor advised as to how to properly administer the examination (e.g.,testing protocols, observing signs of cheating, confront the misbehavingtest taker, and addressing potential test taker questions). Proctorsmust then be scheduled in the appropriate number at each testing siteand then properly compensated for their time and efforts. In someinstances, the costs involved with proctoring an examination may rivalor exceed the costs related to actually preparing the examination.

Other tests are offered in the context of ‘distance learning.’ Distancelearning is an instructional model that delivers education material andinformation to students who are not physically ‘on site’ at aneducational facility. Distance learning creates and provides access tolearning when the source of the information and the student areseparated by time, distance, of both. Thousands of distance learners maybe involved in a particular distance learning program or course at anygiven time.

Like any other educational program, there is a need to verify thequalifications of students through testing and examination. Becausedistance learners are not collectively gathered at a physical learninginstitution such as a university, the distance learning program requiresthat the students attend a testing center—which challenges the verypurpose of distance learning—or administer an examination online. Anonline examination is difficult to proctor as a user could be taking anexamination in one window of a web browser while looking up answers inanother window via the Internet. A test taker could also utilize a‘chat’ or ‘messaging’ application to relay questions to and receiveanswers from a knowledgeable third-party. The value of onlineexaminations is, therefore, questionable and calls into question theoverall value of the corresponding class or degree program.

There is a need in the art for improved proctoring of large scaleexaminations such that a small number of proctors can properly secure atest taking environment notwithstanding the large number of test takers.There is a similar need for remote proctoring of examinations. Remoteproctoring, like on-site massed proctoring, would maintain the integrityof the testing environment by preventing test takers from accessingillicit information to aid in the completion of the examination.

SUMMARY OF THE CLAIMED INVENTION

A first claimed embodiment of the present invention is for acomputer-readable storage medium. The storage medium includes a programexecutable by a processor to perform a method for securing a computingdevice during a testing event. The method includes the steps ofreceiving a set of protocols related to security of the testing eventand modifying the system registry of the computing device to preventexecution of an application not in compliance with one or more of theset of protocols. The program further includes execution of a testingroutine corresponding to the testing event. Any actions not incompliance with one or more of the set of protocols, including changesto or attempts to change any modifications to the system registry priorto completion of the testing routine are reported through execution ofthe program.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates the system architecture of a computing device as maybe found in the prior art.

FIG. 2 illustrates a test taking system environment including a securecomputing device.

FIG. 3 illustrates a method for securing a computing device during atesting event.

DETAILED DESCRIPTION

Embodiments of the presently disclosed invention provide for thesecurity of a computing device in the context of a test takingenvironment. By securing a computing device, an individual (or group ofindividuals) may more effectively proctor a large examination withoutworrying about a test taker illicitly accessing information on theircomputer or via a remote source of data. Securing a computing deviceincludes locking out or preventing access to any application not deemednecessary or appropriate by the test administrator.

Securing a computing device may further include allowing the testadministrator access to the computing device before or during theexamination. By granting access to the computing device, the testadministrator may search for illicit files related to the examination ormake determinations as to whether the test taker has attempted todisable (or has disabled) certain functionalities relates to locking outunnecessary or inappropriate applications on the computing device.Access to the computing device by a testing administrator may occur inthe context of other applications being locked out for the duration ofthe examination.

FIG. 1 illustrates the system architecture 100 of a computing device asmay be found in the prior art. The system architecture 100 illustratedin FIG. 1 includes hardware 110, operating system 120, and softwareapplications 130. The system architecture 100 of FIG. 1 is an exemplaryabstraction and may include additional layers such as firmware, anassembler, and device drivers.

A computing device includes any number of hardware components 110 suchas a central processor, memory, wireless chipset, and network interface.The computing device further includes a variety of software applications130 such as a web browser, word processor, and electronic mail or chatclients. The operating system 120 serves as an interface between thehardware components 110 and software applications 130.

At the core of the operating system 120 is the kernel 140. The kernel140 is the lowest-level abstraction layer for computing device resourcessuch as memory, processors, and input/output components. The kernel 140makes these resources available to software applications 130 by settingup address space, loading the file containing the application code intomemory, and setting up an execution stack to allow for execution of theapplication and implementation of its corresponding functionality.

A system registry 150 is a database that stores settings and options fora particular operating system 120 installed on the computing device. Thesystem registry 150 includes information and settings for the computingdevice hardware 110, the operating system software 120, and applicationsoftware 130. The registry 150 may be manually edited in real-timethrough user interaction or in response to execution of a particularsoftware application 130.

FIG. 2 illustrates a test taking system environment 200 including asecure computing device 210. The system 200 of FIG. 2 includes theaforementioned secure computing device 210 that may be utilized intaking an examination, a testing server 220 for administering a test, aproctoring center 230, and a communications network 240. Thecommunications network 240 allows for the online exchange of testingdata by and between the computing device 210 and the testing server 220.The communications network 240 also allows for the observation oftesting data and test taker behavior by the proctoring center 230. Thecomputing device 210 of FIG. 2 may be secured for the taking of a testas described below.

Computing device 210 may be any sort of computing device as is known inthe art and generally include a system architecture like that describedin FIG. 1. Computing device 210 includes memory for storage of data andsoftware applications, a processor for accessing data and executingapplications, input and output devices that allow for user interactionwith the computing device 210. Computing device 210 further includescomponents that facilitate communication over communications network 240such as an RJ-45 connection for use in twisted pair-based 10baseTnetworks or a wireless network interface card allowing for connection toa radio-based communication network (e.g., an 802.11 wireless network).

Computing device 210 may be a general purpose computing device such as adesktop or laptop computer. Computing device 210 may be made securethrough the implementation of, for example, the methodology describedwith respect to FIG. 3. The general computing device may belong to aparticular test taker rather than being a computing device dedicated totest taking and as might otherwise be found in a testing center. Thinclient or netbook client devices may be implemented in the context ofcomputing device 210 as might mobile computing devices such as smartphones.

The computing device 210 may include any number of software applicationsincluding those described in the context of FIG. 1. In addition tosoftware applications, the computing device 210 may—especially in thecase of a personal computing device—include any number files or othertypes of data such as notes, outlines, and test preparation material.Possession of this data—as well as having access to certain applicationsthat themselves allow for access to data (e.g., through a webbrowser)—during the course of a test or examination would prove highlyadvantageous to the test taker, but detrimental as to the accuracy orrelevance of any resulting test data. Similar issues would exist withrespect to a test-center computer that has access to the Internet orthat might allow for the introduction of data through a portable storagedevice.

Testing server 220 is a computing device tasked with the delivery oftesting data, including questions, and other related applicationpackages to the computing device 210 by means of communications network240. Like computing device 210, testing server 220 includes memory, aprocessor for accessing data and executing applications, and componentsto facilitate communication over communications network 240 includingcommunications with computing device 210.

Proctoring center 230 is an operations center staffed by one or morepersons observing various testing behaviors for one or more testingsites. Testing sites can be testing centers dedicated to the offering oftests and examination, traditional classroom settings, as well aspersonal space such as a home or office workspace. Proctoring center mayobserve and analyze a variety of different types of information to helpensure the integrity and security of a test and/or testing environment.The observation and analysis of information is described in furtherdetail below with respect to assessment module 270 and camera device280.

Communication network 240 may be a local, proprietary network (e.g., anintranet) and/or may be a part of a larger wide-area network. Thecommunications network 240 may be a local area network (LAN), which maybe communicatively coupled to a wide area network (WAN) such as theInternet. The Internet is a broad network of interconnected computersand servers allowing for the transmission and exchange of InternetProtocol (IP) data between users connected through a network serviceprovider. Examples of network service providers are the public switchedtelephone network, a cable service provider, a provider of digitalsubscriber line (DSL) services, or a satellite service provider.Communications network 240 allows for communication between the variouscomponents of test taking system environment 200.

In order to prevent access to files or other types of data such asnotes, outlines, and test preparation material during an examination—aswell as applications that themselves allow for access to data—it isnecessary to secure computing device 210. Computing device 210 may besecured through the download and subsequent installation of securetesting application 250. Secure testing application 250 may bedownloaded from testing server 220 or another computing device coupledto communications network 240 such as testing registration server 260.Secure testing application 250 may also be installed from acomputer-readable storage device such as a CD-ROM. The testing securityapplication may then be stored in memory at the computing device 210 andexecuted by a processor to invoke its corresponding functionality.

Secure testing application 250 is a security software application thatprevents computing device 210 from accessing certain data orapplications that might otherwise be in violation of testing regulationsor protocols as identified by testing server 220. Secure testingapplication 250 causes the computing device 210 to operate in a securemode by introducing certain changes to the system registry such thatonly those applications or files deemed necessary or appropriate by thetest administrator and as embodied in a corresponding testing protocolmay be allocated address space, loaded into memory and ultimatelyexecuted by the computing device 210.

For example, a testing protocol for a particular examination may denyaccess to a web browser, e-mail client, and chat applications such thata test taker may not electronically communicate with other individualsduring the examination. This particular protocol may be downloaded tothe client computing device 210 from the testing server 220 along withtesting data. The secure testing application 250 then operates inaccordance with the downloaded testing protocol such that theaforementioned applications are not allowed to be loaded and executed.Because the applications that may be installed on a computing device areall but infinite, the testing protocol may identify those applicationsthat a user is allowed to access rather than those applications to whichaccess is prohibited.

Similar prohibitions or permissions may apply to hardware components ofthe computing device 210 as well as any number of hardware peripheralsthat might be introduced to the computing device 210. Examples of suchperipherals include a second computer monitor, docking stations, and atraditional full-sized keyboard as might be used with a laptop computer.Other peripherals might include thumb drives, ‘time-shift’ recordingdevices that offer TiVo®-like functionality, as well as any number ofother plug-and-play peripherals.

A particularly apt example with respect to hardware at the computingdevice 210 concerns network connectivity. Network connectivity may beallowed prior to commencing an examination such that certain data may bedownloaded. This data may include the actual test (e.g., prompts andquestions) or other data concerning a test. Once the certain data isdownloaded, however, network connectivity may be deactivated through‘locking out’ a network card until the test is completed and the networkcard is released.

In other instances, however, network connectivity may be maintainedthroughout the course of the examination. This may be particularlyrelevant to a scenario where testing data is maintained at the testingserver 220 and only displayed at the computing device 210. In such aninstance, the test data itself may never be stored or downloaded at thecomputing device. In these and similar scenarios, it may be necessary toallow only certain data to be exchanged over the network connection.This would include both incoming and outgoing data.

In those instances where the secure testing application 250 allowsaccess to certain applications on computing device 210, thefunctionalities of those applications may be limited. For example, atesting protocol may allow for activation of a web browser and networkconnectivity, but only to a single secure site providing testing data.The protocol may further or alternatively allow for exchanges of onlycertain types of data or data that has been certified for exchange. Such‘certifications’ may include the presence of certain headers in the dataor the data having been encrypted in a particular fashion. Similarly,the ‘print’ function of a particular application may be disabled. Thetesting protocol may include instructions on how certain applicationprogramming interfaces (APIs) for certain commercially availablesoftware applications are to be implemented or disabled by the securetesting application 250. Drivers may be managed in a similar fashion(e.g., a printer driver).

Access to certain applications, hardware, or functionality may bedisabled or limited for a particular portion of an examination. As notedabove, a network interface card may be temporarily disabled after aninitial download of data. Once the test is complete, however, thenetwork card may be re-enabled to allow for transmission of data or toallow for the free and general exchange of data rather than a morelimited set under the control of the secure testing application 250.

The occurrence of certain milestones or events during a testing eventmay correspond to the enablement or disabling of hardware, software, orspecific application functionality. For example, print functionality maybe disabled during an examination to prevent a test taker from printinga copy of the examination and then delivering the copy to a friend sothat they may review the questions before they take the examination.That functionality may be enabled, however, to allow the user to keep acopy of their answers sans the questions. The functionality may bere-enabled once a user clicks on a ‘Test Complete’ button or icon thatlocks in the test taker's answers and prevents them from being furthermanipulated once certain computing device 210 hardware, software, orfunctionality has been re-enabled that was otherwise disabled during theexamination.

Because APIs vary in each application—and even between versions of thesame application—the secure testing application 250 (per the testingprotocol) may only allow for the use of certain versions or types ofsoftware applications (e.g., only version 3.0.13 of the Firefox webbrowser). If a user attempts to use a different version or type ofapplication, the secure testing application 250 will prevent executionof that application or specific version thereof. The secure testingapplication 250 may further inform the user that an upgrade or differenttype of browser is required. As such, a test taker may be informed ofcertain system requirements in advance of an examination.

In some instances, it may be worthwhile to provide a native application275 in conjunction with or as a part of the secure testing application250. Native application 275 may encompass an application created by thetesting administrator or otherwise developed specifically foradministration of online examinations. Native application 275 may offerthe general functionality of certain commercially available softwareapplications, but without the functionality that offers possibility forengaging in illicit behavior during an examination. For example, a wordprocessing application offers the ability for a user to produce the textfor a document according to instructions. That same application,however, also allows the user the ability to access other notes createdusing the word processor.

In order to prevent illicit testing behavior, the word processor mustallow for the generation of information through the usual input of data,but prohibit access to preexisting data. The word processor must also beprevented from ‘pasting’ data that might have been ‘copied’ from studynotes immediately prior to the examination commencing. Notwithstanding,the test taker must still be allowed for a user to ‘cut and paste’ fromoriginally generated answers during the course of the examination.

To implement these specific degrees of control, those specificlimitations must first be identified and then conceived as to particularlimitations (i.e., what is allowed and what is prohibited). A testingprotocol must then be crafted that embodies these permission andprohibitions. To implement the protocol then requires interacting withvarious APIs, which is dependent upon a user having a particular type ofsoftware application and version thereof installed. A natively derivedword processing application may simply offer requisite functionalityrather than cobble together a series of permitted functions in acommercially available word processing application.

In other instances, a commercial application such as Word for Windows®may be hosted at the testing server 220 or some ancillary server in thetesting environment 200 and allow for user access to the same during theexamination. By maintaining centralized hosting of a requisiteapplication, users are prohibited from exceeding the permitted use ofthat same application on their own computer 210. In such an instance,the computing device 210 utilized by the user (as well as that of thetesting server 220) may require hardware or software to allow for suchmultiplexed access and interaction. In some instances, this software maybe an integrated part of secure testing application 250. In otherinstances, however, a user may be required to install this software froma third-party, which may be certified by the entity offering the test orexamination.

A natively derived application 275 prepared for use in the testingtaking system environment 200 may be provided with respect to a webbrowser. This native browser may allow access to only those web sitesdirectly related to the test (e.g., providing examination questions) orthat provide pre-approved test materials such as manuals, regulations,or rules that might be referenced and cited by an applicant during an‘open book’ type examination. A native application 275 might alsoencompass a uniquely generated offering of questions in the context of amultiple choice type examination. Such an application may be akin to a‘survey’ that a user might otherwise take on any number of websites onthe Internet. In such an application, the user is allowed to select apredetermined slate of options and only those options; access to anyother applications on the computing device 210 becomes irrelevant andunnecessary.

A native application 275 may also operate in conjunction with acommercial application during testing. For example, a testing protocolmay indicate that all chat or electronic-mail applications are to bedisabled by the secure testing application 250, but that the test takermay use a commercially available word processing application withlimited functionality. The test administrator may wish to offertechnical assistance to the test taker during the course of theexamination in case some aspect of the test becomes corrupted withrespect to the delivery of data. A native application 275 dedicated toinstant messaging or ‘chatting’ with an approved technical support agentmay be provided for use during the examination.

Secure testing application 250 may include an assessment module 270. Theassessment module 270 observes activity on the computing device 210during administration of an examination. If a user attempts to makechanges to the system registry that were implemented by the securetesting application 250, the assessment module 270 may identify andreport these attempts to the proctoring center 230. The assessmentmodule 270 may also check an output file for metadata or a keystroke logthat might indicate an attempt to switch between accounts if aparticular operating system allows for multiple users (each of whichwould have their own unique system registry) or operating systemenvironments in the case of a computing device 210 operating with theuser of a virtual machine. The assessment module 270 may further allowthe proctoring center 230 a real-time look into modifications oractivity occurring at the computing device 210 including changes at theregistry level or activity occurring on-screen.

Secure testing application 250 may further include an assessment module270, which operates in conjunction with a peripheral device such ascamera device 280. The assessment module 270 operates in conjunctionwith the secure testing application 250 to deliver data to theproctoring center 230 for review and analysis to ensure testingintegrity. For example, the camera device 280, which may be acommercially available web camera or other image acquisition device, maygenerate data of the test taking area and the test taker. If the testtaker leaves their seat or another individual enters the testing areaduring the course of the examination, the camera device 280 will capturethis visual information and provide that data to the assessment module270. The assessment module 270, in turn, delivers the data to theproctoring center 230 for analysis.

The proctoring center 230 requires remote delivery of data. As such, anetwork connection is required to allow for delivery of that data fromthe computing device 210 to the proctoring center 230. The testingprotocols as delivered by the testing server 220 may instruct the securetesting application 250 to allow the network card to remain enabled, butto limit network connectivity to certain ports. For example, withrespect to electronic-mail, an SMTP service operates on port 25 while aPOPS service operates with respect to port 110. The secure testingapplication 250 would prohibit access to ports 25 and 110, but wouldallow the use of port 755 with respect to accessing Microsoft MediaServices, to the extent those services were used by the proctoringcenter 230 to observe video of the test taker at the computing device210. The operability of a universal serial bus (USB) port to provide forconnection of the camera device 280 to the assessment module 270 wouldlikewise be required with respect to the testing protocols.

The proctoring center 230 may then determine if any visual activityconstitutes activity not in accordance with the testing protocol. Theproctoring center 230 may then log the information for furtherassessment by the actual test administrator (e.g., the professor orprofessional association administering the examination) or make a directinquiry of the test taker as to the nature of the observed behaviorand/or provide a warning as to terminate that behavior. Other externaldevices may be used to gather environmental data that can be reported tothe proctoring center 230 in association with the assessment module 270such as a microphone or other testing environment capture device 290.

The assessment module 270 may be used to collect registrationinformation such as a name or testing identification number as well as apassword. Other registration information might include biometricinformation such as a visual image of the user that is compared againsta previously stored and known ‘good’ image of the user. A similarcomparison may be made with respect to a voice print. Retinal scans andfinger prints, subject to the presence of the appropriate peripheraldevice, may also be used for verifying test taker identity. Theseperipheral devices may be implemented in the context of a testingenvironment capture device 290.

A further registration technique may include the user typing in apreviously typed in phrase. The nuances of the user having entered thesentence previously and during the actual testing event as they pertainto the natural speed, and pauses, and so forth may be observed andcompared. As a result, the likelihood that the test taker is thepurported test taker may be determined. All of the aforementionedinformation may be maintained in storage at a testing registrationserver 260. The testing registration server 260 may be maintained by theproctoring center 230, in a secure database of information at a sitedesignated by the actual test administrator, or that of a third-partycommercial vendor.

The assessment module 270 may also operate in conjunction with a testingprotocol to properly execute a testing routine for the given testingevent. For example, the testing routine may allow for the user to haveaccess to all questions at any given time such that the user may answerand not answer questions at their leisure and subsequently return to anyquestions at a later time for further review. The testing routine mayalternatively require the user to lock in an answer or set of answersand have the same reported to the testing server 220 prior to receivinga subsequent question. The routine may alternatively require that aquestion be locked in, but the actual answers are not delivered to thetesting server 220 until conclusion of the examination, a portion of theexamination, or as part of a regular batch transmission. Answer deliverymay also occur in real-time. As such, the assessment module 270 and thetesting server 220 may operate in a binary fashion with certain databeing reported to the proctoring center 230 in conjunction with eachanswer. Other testing routine parameters might include time, number ofquestions answered, or number of questions answered correctly orincorrectly. Data exchanged between the testing server 220 and theassessment module 270 of the secure testing application 250 may beencrypted.

FIG. 3 illustrates a method 300 for securing a computing device during atesting event. Through the method 300 of FIG. 3, a secure testingapplication 250 is installed. Protocols related to a testing event aredelivered to the computing device 210 to be used during a testing event.The computing device 210 is made secure and the test is administered.During the course of the testing routine, certain observations as to thetesting environment may be captured by an assessment module 270 andreported to a proctoring center 230 and/or testing server 220.

With respect to method 300, if a secure testing application 250 is notyet installed on a computing device 210 to be used during a testingevent, the secure testing application 250 is downloaded and installed instep 310. The need to acquire the secure testing application 250 may bepreviously communicated to the test taker or may be indicated when theuser attempts to access a testing server 220, but lacks the propercredentials to do so as the test taker has not been authenticated bymeans of the assessment module 270 in the secure testing application250.

Following installation of the secure testing application 250, testingprotocols are received at the computing device in step 320. Theseprotocols are related to security of a particular testing event. Theprotocols are delivered to the computing device 210 by the testingserver 220. Some protocols may be universal and pre-implemented in thesecure testing application 250 such as requiring authentication of auser prior to commencing an examination.

At step 330, the testing protocols are implemented with respect tovarious hardware, software, and functional aspects of the computingdevice 210. Implementing the testing protocols may include modifying thesystem registry of the computing device 210 to prevent certain hardware,software, or other functionality from being implemented. These changesto the system registry may be ‘undone’ once the secure testingapplication 250 completes is execution (i.e., the test is complete). Assuch, the secure testing application 250 may maintain a record ofchanges it makes to the system registry to allow for proper editing backto an original setting. These records may also be maintained in order toallow the assessment module 270 to make a determination whether anyattempted to circumvent the secure testing application 250 have beenmade.

In step 340, the testing routine is implemented in accordance withvarious testing protocols. The testing routine includes acquisition anddelivery of test data to the computing device 210, which may occurduring registration and verification of the test taker at registrationserver 260 prior to commencing the examination. The testing routine mayfurther include delivery of test answers back to the testing server 220.A proctoring center may receive copies of test answers for the purposeof ensuring test integrity, but such receipt is not necessarily requiredin implementation of system 200.

In step 350, violations of testing protocols are reported to theproctoring center 230. Violations may also be reported to the testingserver 220. Data related to violations may be captured by camera device280 and/or testing environment capture device 290, which may include amicrophone. This data is reported to the assessment module 270, whichthen reports the data to the aforementioned proctoring center 230 foranalysis. Data related to attempts to circumvent registry changesrelated to maintaining the security of the computing device 210 duringthe testing event may likewise be reported. Violations may be reportedas they occur in real time, on-demand in response to a proctor query, oras part of a regular batch of data.

Computer-readable storage media refer to any medium or media thatparticipate in providing instructions to a central processing unit (CPU)for execution. Such media can take many forms, including, but notlimited to, non-volatile and volatile media such as optical or magneticdisks and dynamic memory, respectively. Common forms ofcomputer-readable media include, for example, a floppy disk, a flexibledisk, a hard disk, magnetic tape, any other magnetic medium, a CD-ROMdisk, digital video disk (DVD), any other optical medium, RAM, PROM,EPROM, a FLASHEPROM, or any other memory chip or cartridge.

Various forms of transmission media may be involved in carrying one ormore sequences of one or more instructions to a CPU for execution. A buscarries the data to system RAM, from which a CPU retrieves and executesthe instructions. The instructions received by system RAM can optionallybe stored on a fixed disk either before or after execution by a CPU.Various forms of storage may likewise be implemented as well as thenecessary network interfaces and network topologies to implement thesame.

While various embodiments have been described above, it should beunderstood that they have been presented by way of example only, and notlimitation. The descriptions are not intended to limit the scope of theinvention to the particular forms set forth herein. To the contrary, thepresent descriptions are intended to cover such alternatives,modifications, and equivalents as may be included within the spirit andscope of the invention as defined by the appended claims and otherwise

What is claimed is:
 1. A non-transitory computer readable storage mediumhaving embodied thereon a program, the program being executable by aprocessor to perform a method for securing a computing device during atesting event, the method comprising: receiving a testing protocol forthe testing event, the testing protocol including limitations to beapplied to the computing device during the testing event, the testingprotocol received from a test server by the computing device over acommunication network, wherein a testing routine delivers test data inaccord with the testing protocol, the test data including test answersto test questions answered by a test-taker during the testing event;granting access to the computing device before initiating execution ofthe testing routine, wherein granting access to the computing deviceallows the computing device to be searched for illicit files related tothe testing routine; applying the limitations by modifying a systemregistry of the computing device in accordance with the testingprotocol, the system registry modified before executing the testingroutine; initiating execution of the testing routine corresponding tothe testing event, the execution initiated after the system registry hasbeen modified; observing a keystroke log for attempts to switch toanother account with a different system registry; transmitting to aproctoring center in real-time a feed of on-screen activity displayed onthe screen of the computing device, the transmission automaticallytriggered when the computing device detects an attempt to change thesystem registry of the computing device that is not in accordance withthe testing protocol during the testing routine; transmitting to theproctoring center in real-time the feed of the on-screen activitydisplayed on the screen of the computing device, the transmissionautomatically triggered when the computing device detects an attempt toswitch to another account with a different system registry; sending thetest answers to the test server over the communication network when thetesting routine is complete; and locking the test answers when thetesting routine is complete.
 2. The non-transitory computer readablestorage medium of claim 1, wherein the limitations include limitationsfor the computing device during a particular portion of the testingroutine.
 3. The non-transitory computer readable storage medium of claim1, wherein the limitations include prohibiting execution of anapplication on the computing device.
 4. The non-transitory computerreadable storage medium of claim 3, wherein the limitations identifyapplications allowed to execute on the computing device.
 5. Thenon-transitory computer readable storage medium of claim 1, wherein thelimitations include limiting functionality of an application whenexecuted on the computing device.
 6. The non-transitory computerreadable storage medium of claim 1, wherein the limitations includeprohibiting access to certain data stored in memory of the computingdevice.
 7. The non-transitory computer readable storage medium of claim1, wherein the limitations include restricting use of a hardware deviceof the computing device.
 8. The non-transitory computer readable storagemedium of claim 7, wherein the hardware device is a network interfacecard of the computing device.
 9. The non-transitory computer readablestorage medium of claim 8, wherein the limitations include allowing onlycertain types of data to be exchanged via the network interface card.10. The non-transitory computer readable storage medium of claim 8,wherein the limitations include disabling network connectivity of thenetwork interface card for a particular portion of the testing routine.11. The non-transitory computer readable storage medium of claim 1,wherein the limitations correspond to occurrences of particular eventsof the testing routine.
 12. The non-transitory computer readable storagemedium of claim 1, wherein the computing device locks the test answersafter a test-taker clicks on a test complete icon.
 13. Thenon-transitory computer readable storage medium of claim 1, wherein thecomputing device locks the test answers after a test-taker activates atest complete button.
 14. The non-transitory computer readable storagemedium of claim 1, wherein the computing device locks the test answersafter an allotted time period.
 15. The non-transitory computer readablestorage medium of claim 1, further comprising the test routine receivingthe test questions from the testing server.
 16. The non-transitorycomputer readable storage medium of claim 1, wherein environmental datais collected and sent to the proctoring center.
 17. The non-transitorycomputer readable storage medium of claim 16, wherein the proctoringcenter is the test server.
 18. The non-transitory computer readablestorage medium of claim 16, wherein at least a portion of theenvironmental data are collected by a microphone.
 19. The non-transitorycomputer readable storage medium of claim 16, wherein at least a portionof the environmental data are collected by a camera.